Birdsong, for example, was supposedly an automatic posting of Tweets. It is listed as being decommissioned, replaced by a program called Sylvester, possibly a reference to the popular Sylvester and Tweety Looney Tunes cartoon in which a large cat tries to devour Tweety, a little yellow bird.

Angry Pirate allegedly permanently disabled an account on a target’s computer – somewhat like climbing aboard, taking over a ship and destroying something while there. Snoopy is a tool to extract mobile phone data from a copy of a phone’s memory. It is part of a larger program called Mobile Hoover. Changeling gives an agent the ability to spoof any email address and send email under that identity.

In the list, Goodfella refers generically to collection of information from social networks. But the list also has nicknames for programs targeting specific social media sites, including three for Facebook: Godfather, for public data; Spring Bishop, for private photos; and Reservoir, for “various information.”

The Concrete Donkey program was used allegedly to send audio messages to many telephones or “repeatedly bomb a target number with the same message.” Viking Pillage is a program to automatically collect encrypted data from other JTRIG programs which are “remotely hosted,” – meaning, running on target networks.

Some of the flashiest names have some of the geekiest descriptions. Astral Projection is a “remote GSM secure covert internet proxy using TOR hidden services,” which presumably allows GCHQ to use aspects of the anonymized Tor network for its own purposes.

According to the leaked document, JTRIG develop the majority of these types of programs for GCHQ. “A lot of this capability is developed on demand for specific operations and then further developed to provide weaponised capability,” the document’s authors wrote.

“Don’t treat this like a catalogue. If you don’t see it here, it doesn’t mean we can’t build it. If you involve the JTRIG operational teams at the start of your operation, you have more of a chance that we will build something for you,” the document stated.

JTRIG’s research network was called Dirty Devil, and its various operations were monitored on a Cyber Command Console.

The descriptions of the programs weren’t always so dry. One, called Viewer, was described as “a programme that (hopefully) provides advance tip off” of a kidnapper’s IP address.

The document says it was last updated on July 5, 2012, and says it wasn’t being updated anymore.